The entrance of consumer technologies inside the enterprise
is posing real threats in IT systems, especially because most companies are not prepared, or do not have sufficient policies, for these new technologies, according to a recent survey by IT security firm Symantec
The study also brought to light that 100% of respondents surveyed have indicated that they are extremely concerned with the loss of confidential/proprietary data. Despite this, 66% of the respondents have not implemented any form of DLP (data loss prevention) system.
“With the increasing ‘consumerisation of IT’ and mobility of employees, it is evident that many companies are still not adequately prepared nor equipped to deal with the growing popularity of Web2.0 tools. This creates security gaps in business processes, increasing the likelihood and extent of data loss threats,” said Unmesh Deshmukh, director, Endpoint Security Sales, Asia Pacific and Japan, Symantec.
The study found that the official use of consumer technology and social media
tools has become prevalent in Singapore enterprises. The survey found that respondents are using social networking sites, like Facebook and LinkedIn (67%), Windows Live Messenger and Yahoo Messenger (33% respectively), blogs (33%) and micro-blogs, such as Twitter, (33%). As adoption and usage of such real-time communication tools continue to grow and flourish, enterprises are concerned about the security risks that they bring about. 100% of the respondents feel that social networking sites, blogs and podcasts pose as high security threats, and over 60% indicated likewise for instant messaging tools and micro-blogging.
Even though all surveyed respondents perceive social networking sites as high security threats, only 33% feel unprotected against it. Podcasts at 100% emerged as the top threat to the enterprise network, according to the survey. 67% and 33% of respondents have indicated that they feel unprotected using blogs and micro-blogging platforms, respectively. Despite these sentiments, a majority of Singapore enterprises remain unprepared and unprotected.
As employees become increasingly mobile, they need to access the corporate network remotely on personal devices. Organisations are empowering employees to access, modify and disseminate company information – often stored on the cloud – via their laptops or smartphones. Aligned with this trend, the study revealed that the number of endpoints in Singapore enterprises is growing, led by Windows-based laptops (66%) and smartphones (33%). Surprisingly, even as more smartphones are being deployed, only 33% of Singapore organisations have implemented standardised endpoint configurations for these devices. Overall, although 67% of respondents feel that employee-owned endpoints comprise security, only 33% have put in place integrated endpoint security processes. 66% of the organisations that participated in the survey indicated that they are planning or considering endpoint virtualisation for enhancing productivity and cost-savings.
Data Loss Threats Increase
The study also notes that the growing heterogeneity of enterprise IT environments is making it more difficult to manage and secure information. The study indicates that 100% of Singapore enterprises have experienced theft of intellectual property. Loss of confidential and proprietary data and downtime of corporate environment are also prevalent at 67% respectively. As a result, 50% have lost revenue, incurred direct financial loss and suffered from customer loss and damaged customer relationships.
To manage security risks, Symantec says it is critical for enterprises to establish and put in place protocols and policies to monitor, manage and govern the use of consumer devices and platforms within the workplace. Comprehensive, sustainable data loss prevention
(DLP) programs must be implemented to enable organisations to measurably reduce the risk of a data breach, demonstrate regulatory compliance and safeguard customer privacy, brand equity and intellectual property.